<?xml version="1.0"?> 
  <cross-domain-policy>  
    <allow-access-from domain="*"/>  
    <allow-http-request-headers-from domain="*" headers="*"/>
  </cross-domain-policy>
